A direct peer-to-peer messenger built for people who get banned, shadow-banned, and silenced by regimes, Western governments, and Big Tech that want to control information. Your words go straight from your device to theirs — no server, government, or corporation can stop them.
WhatsApp, Telegram, Signal, Messenger — they all store your messages on their servers. Little Chat is different. Messages go directly from your device to your contact. There is no server to raid, no data to subpoena, no database to hack. Nothing to hand over. No one can stop your words because no one has them.
No servers means no one to ban you. No accounts means no identity to suspend. No central control means no censorship. Direct peer-to-peer.
Your messages go directly from your device to theirs — no server, no company, no government in between. No one can ban, shadow-ban, suspend, or censor you. No corporation can deplatform you. There is no middleman to stop your words.
WebRTC DTLS-SRTP encrypts everything. ECDSA P-256 keys sign every message. Forged messages are detected instantly. Regimes, Western governments, and Big Tech cannot intercept or tamper.
Messages go directly between devices. No data stored on any server. No one can hand over your messages, because we don’t have them. What you say stays between you and your contact.
The person who created the group has no more power than you. Every member has identical rights — anyone can add or remove people. No admins, no moderators, no muting, no kicking. No one outranks you.
Text, images, files, voice, video — no content filtering, no size limits, no AI scanning your messages. You decide what to say and share, not a platform.
Live video calls that never touch a server. No one can listen in, record, or intercept. Speak face-to-face with complete privacy.
We don’t verify anyone — we have no accounts, no profiles, no data on who you are. Instead, you verify each other directly: exchange 6-digit PINs with a contact to confirm their identity. Device fingerprint TOFU catches imposters. Green shield = you know it’s them, not an imposter.
Your messages never disappear. Lose your connection? They queue on your device and send automatically when you’re back online. On desktop, the connection stays active even in the background. On mobile, the Android app keeps you connected too — unlike the browser, which only works while the screen is on. Works on Huawei and all Android devices.
See how the “big” chat apps compare to truly private, uncensorable peer-to-peer messaging.
| Feature | Little Chat | Telegram | Signal | Messenger | |
|---|---|---|---|---|---|
| Messages stored on central server | ✗ | ✓ | ✓ | ✓ | ✓ |
| Can be banned / suspended | ✗ | ✓ | ✓ | ✓ | ✓ |
| Phone number required | ✗ | ✓ | ✓ | ✓ | ✓ |
| Peer-to-peer (no middleman) | ✓ | ✗ | ✗ | ✗ | ✗ |
| Ads / data collection | ✗ | ✓ | ● | ✗ | ✓ |
| Corporation controls the service | ✗ | ✓ | ✓ | ● | ✓ |
| No monetization / donations taken | ✓ | ✗ | ✗ | ● | ✗ |
| No one can stop your words | ✓ | ✗ | ✗ | ✗ | ✗ |
| App required | ✗ | ✓ | ● | ✓ | ● |
What permissions each messenger requires on Android. Little Chat asks for the bare minimum — only Internet, Camera, and Microphone (for video calls). No contacts, no storage, no phone ID, no SMS, no location.
| Permission | Little Chat | Telegram | Signal | Messenger | |
|---|---|---|---|---|---|
| Internet / Network | ✓ | ✓ | ✓ | ✓ | ✓ |
| Camera | ✓ calls only | ✓ | ✓ | ✓ | ✓ |
| Microphone | ✓ calls only | ✓ | ✓ | ✓ | ✓ |
| Storage / Media | ✗ | ✓ | ✓ | ✓ | ✓ |
| Contacts | ✗ | ✓ | ✓ | ✓ | ✓ |
| Phone / Device ID | ✗ | ✓ | ✓ | ✓ | ✓ |
| SMS | ✗ | ✓ | ✗ | ✓ | ✓ |
| Location | ✗ | ● optional | ● optional | ● optional | ● optional |
| Calendar | ✗ | ● optional | ● optional | ✗ | ✓ |
| Bluetooth / Nearby | ✗ | ✗ | ✗ | ✓ | ✓ |
| Body Sensors | ✗ | ● optional | ✗ | ✗ | ● optional |
IMEI (International Mobile Equipment Identity) is a 15-digit number permanently burned into your phone's cellular modem at the factory. It is the hardware fingerprint of your device — it survives factory resets, SIM swaps, and operating system reinstalls. Unlike an IP address or a browser cookie, you cannot clear it, rotate it, or opt out.
Here's how this permanent identifier is used against you:
Little Chat is built and hosted in South Africa. That's not an accident — it's a deliberate choice. Here's why jurisdiction matters for a privacy app.
South Africa is not a member of Five Eyes, Nine Eyes, or Fourteen Eyes — the intelligence-sharing pacts that bind the US, UK, Canada, Australia, New Zealand, and most of Western Europe. There is no treaty-level obligation to hand intercept data to these countries. A server in London or Virginia is legally reachable by multiple intelligence agencies. A server in Johannesburg is not.
US law — specifically FISA Section 702 and the Patriot Act — gives American intelligence agencies broad power to compel tech companies to hand over data, often in secret and without a warrant. National Security Letters come with gag orders. South African courts do not recognize these instruments. A US agency cannot serve a secret subpoena on a Johannesburg server. They would need to go through SA courts — publicly, with judicial oversight, and under POPIA data protection law.
Amazon, Google, Meta, Microsoft, and Apple do not have their headquarters in South Africa. The corporate surveillance lobby — the one that wrote SOPA, PIPA, and pushed backdoors into legislation in the US and EU — has no seat at the table here. There is no ad-tech industry in Johannesburg lobbying for access to your device identifiers. The government isn't taking meetings with Meta about "data partnerships." The distance from Silicon Valley is real, and it matters.
The Protection of Personal Information Act (POPIA, 2020) is modeled on the EU's GDPR. It mandates data minimization, purpose limitation, user consent, breach notification, and cross-border transfer restrictions. If you collect nothing, you're compliant by default — and Little Chat collects nothing. But if a third party demands data, POPIA provides a legal framework to push back that many hosting jurisdictions simply don't have.
South African courts have a track record of ruling against government surveillance overreach. The Constitutional Court has repeatedly struck down legislation that violated privacy rights. Compare that to the FISC (Foreign Intelligence Surveillance Court) in the US — a secret court that approves over 99% of government surveillance requests, with no adversarial process. SA courts operate in the open. That matters when someone comes asking for your data.
Our signaling server runs on hardware we own, in a Teraco Johannesburg datacenter, on a South African IP range. No US cloud provider. No EU hosting company. No intermediary that can be pressured, acquired, or compelled by a foreign government. When you control the physical layer, you eliminate an entire class of threats: the "we got a warrant for the server at AWS" problem simply doesn't exist here.
Every server in our infrastructure is configured to log nothing at the system level. No IP addresses. No connection timestamps. No session metadata. No user identifiers. Even SSH login attempts, firewall events, and operating system logs are disabled. The server simply has no record of who connected, when, or from where. A court order, a subpoena, a warrant — none of it can produce data that was never stored. This is not an accident or a policy. It is an architectural decision baked into every layer of the stack.
The difference between hosting in San Francisco and Johannesburg is the difference between hosting on your front lawn and hosting in your living room.
One is reachable by anyone with a badge. The other requires a warrant, a court order, a judge who asks questions, and a legal framework that protects the person on the other end. That's not perfect — no jurisdiction is. But it's a hell of a lot better than the alternative.
Encryption protects your messages. But protecting a source means protecting the fact that you ever spoke at all. Most messengers fail at this. Here's why Little Chat doesn't.
WhatsApp, Signal, and Telegram all route messages through central servers. Those servers log who talked to whom, when, and for how long — even if the message content is encrypted. That metadata is a map of your relationships. A subpoena to the server operator reveals your sources instantly. Little Chat has no server to subpoena. Messages go directly between devices. There is no ledger of who contacted who. There is nothing to hand over because there is nothing to seize.
Signal requires a phone number. WhatsApp requires a phone number. Telegram requires a phone number. A phone number is a government-issued ID that links directly to your SIM card, your carrier account, your billing address, and your real name. When your messenger knows your phone number, your source's phone number is one subpoena away. Little Chat doesn't ask for a phone number. You pick an ID. That ID lives only inside the app. No carrier record. No SIM trace. No identity to demand.
If authorities seize your phone, they get one device. Not a server. Not a database. Not a list of everyone you've ever talked to. Little Chat has no central contact list, no server-side address book, and no record linking your ID to anyone else's. A conversation lives only on the two devices that had it. Seize one device and you have half a conversation and one person's contacts. Every other conversation, every other contact, every other person remains completely beyond your reach.
Centralized messengers have compliance teams, legal departments, and terms of service that require them to report certain activity to authorities. They employ content moderators who scan messages. They run automated systems that flag suspicious patterns. These are corporate obligations they cannot ignore. Little Chat has none of this infrastructure. We have no servers to scan. No moderators to flag. No legal department receiving government requests. There is no mechanism to report what we cannot see.
US court orders don't reach Johannesburg. EU data requests don't compel South African companies. Our infrastructure — what little of it exists — sits in a jurisdiction outside the intelligence-sharing pacts that bind most of the Western world. Even if someone wanted to investigate your communications, the legal pathway to do so runs through South African courts, South African privacy law, and South African constitutional protections. That's not a loophole. It's a moat.
Because Little Chat uses no accounts, no registration, and no persistent identifiers, any ID that appears on a device could have been typed in by anyone. There is no proof of who created an ID or who used it. A journalist's device containing chat logs with "SourceX" proves a conversation happened — but it doesn't prove who was on the other end, where they were, or whether "SourceX" is even a real person. In a court of law, that's the difference between evidence and speculation.
The most dangerous thing a source can do isn't speak — it's be identified.
Every centralized messenger creates a record of the relationship. Every server log is a witness. Every phone number is a lead. Every subpoena is a threat. The only way to truly protect a source is to ensure there is nothing to find, nowhere to look, and no one to ask. That's not an encryption problem. That's an architecture problem. And it's the problem Little Chat was built to solve.
Open source means anyone can fork the code, add trackers, and redistribute it as a "trusted" version. Governments, corporations, and data brokers can — and do — create compromised clones of open-source apps. They rename them, repackage them, and distribute them through unofficial channels. The average user has no way to tell which fork is clean and which one is sending every message to a server in Langley.
Little Chat is different. We defend the code — and we defend it for one reason: so no one else can compromise it.
When the code is open, anyone can create a version that looks identical but secretly uploads your messages, scrapes your contacts, or logs your keystrokes. By keeping the codebase defended, there is exactly one version of Little Chat. The one you download from our site. The one we built for the censored. No imposter apps. No spyware reskins.
Open-source projects get acquired. Promising privacy tools get bought by the very companies they were built to protect against. Look at what happened to WhatsApp. Look at what happened to countless "privacy-first" startups. When you take venture capital, you take orders. We take nothing. Zero donations. Zero investors. Zero pressure to sell out. You can't buy what refuses to be sold.
An open-source project with dozens of contributors spread across multiple jurisdictions is impossible to secure against legal coercion. One contributor gets a national security letter, and a backdoor appears in the next commit. With Little Chat, there is no distributed team to pressure. The code stays where it is — and so does the responsibility to keep you safe.
You don't need access to our source code to verify Little Chat does what we say. You can inspect the network traffic yourself: no data leaves your device except directly to your contact. No analytics calls, no telemetry pings, no "crash reports." The app's behavior is the proof. An app that doesn't phone home doesn't need you to audit its source code — you can audit its actual network activity with any proxy tool.
Don't take our word for it. Verify it yourself using:
Here's what you'll find:
Little Chat sends data to exactly one place — the person you're talking to. No analytics ping to a server. No telemetry call to a third party. No crash report to a developer. Just WebRTC traffic from your device to theirs, encrypted end-to-end. Compare that to any other messenger and see the difference for yourself.
Does it? Signal is open source. It still demands your phone number. Telegram's client is open source. Its servers are a black box. WhatsApp published its encryption protocol. Meta still harvests your metadata. Open source doesn't protect you from a business model built on your data. It just lets you watch while they take it.
We don't ask for your trust — we make it unnecessary. No accounts, no servers, no data collection, no funding to compromise us. A defended codebase means no one can create a compromised version and call it Little Chat. What you download from us is what we built. Nothing hidden. Nothing added by a third party. Nothing that can be subpoenaed, bought, or pressured into betraying you.
Your words are yours. Our code is ours — and we're not sharing either one.
Built for the censored. Giving a voice to those who tell the uncomfortable truth. This exists for one reason: because the uncomfortable truth shouldn’t be censored.
No servers to raid. No accounts to subpoena. No data to hand over. No one to ban. We don’t even know who uses Little Chat. Built specifically for the uncensorable.
Everything you need to know about staying free from censorship, bans, and surveillance.
The Android app is simply a wrapper around the same Little Chat web app you use in your browser. It packages the website so it can run as a standalone app, receive notifications, and stay connected in the background. The code is identical — no hidden trackers, no extra data collection, no differences. You can verify this yourself. Works perfectly on Huawei and all Android devices — no Google Play required.
Download APK✓ Works on Huawei, Samsung, Xiaomi — any Android device
We don’t track downloads, collect usage data, or know who you are. Even we don’t know you use this app.
They silence the uncomfortable truth. You speak it anyway. No bans, no censorship, no surveillance. Just direct, private, uncensorable messaging in your hands.